Browse Prior Art Database

Establishment of Protection Domain for I/O Operation

IP.com Disclosure Number: IPCOM000084320D
Original Publication Date: 1975-Oct-01
Included in the Prior Art Database: 2005-Mar-02
Document File: 1 page(s) / 12K

Publishing Venue

IBM

Related People

Healey, PD: AUTHOR [+3]

Abstract

In computing systems having a CPU and logically independent I/O processors, memory is sometimes divided into memory blocks. Each memory block consists of a set of contiguous words. Associated with each block is a storage Key whose value ranges over a domain. When a Virtual Machine Monitor (VMM) implements Virtual Machines (VM), the virtual machines can use the storage protect keys in any way they wish. Consequently, the storage protect mechanism normally used in nonvirtual machine monitors cannot prevent one virtual machine from accessing the storage blocks assigned to another VM.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 59% of the total text.

Page 1 of 1

Establishment of Protection Domain for I/O Operation

In computing systems having a CPU and logically independent I/O processors, memory is sometimes divided into memory blocks. Each memory block consists of a set of contiguous words. Associated with each block is a storage Key whose value ranges over a domain. When a Virtual Machine Monitor (VMM) implements Virtual Machines (VM), the virtual machines can use the storage protect keys in any way they wish. Consequently, the storage protect mechanism normally used in nonvirtual machine monitors cannot prevent one virtual machine from accessing the storage blocks assigned to another VM.

In implementing VM, the VMM usually uses the Dynamic Address Translation (DAT) mechanism, whose function it is to map a virtual address into a real address. The DAT feature insures that access be limited to only those blocks in the DAT table of the VM.

Transfer of data to and from main memory is accomplished by an I/O processor. The I/O processor executes, upon signal from the main processor, a program stored in main memory. As part of the signaling process, a key is delivered by the main processor allowing the I/O processor to reference those blocks of main memory with the same key value as that delivered. The storage blocks could belong to any VM.

Since a VM I/O operation references virtual memory addresses and devices, these references must be translated prior to execution so that they refer to real devices and real memory addresse...